A method is used in validating association of client devices with authenticated clients. An authentication request for authenticating a client is received from a client device used by a client for establishing a session with a server. The client is authenticated by an authentication device. A token is created and provided to the client device. Identification information of the client device is gathered. The identification information identifies the client device. The identification information gathered from the client device is evaluated. Based on the evaluation, it is validated that the identification information corresponds to a client device associated with the authenticated client.
Legal claims defining the scope of protection, as filed with the USPTO.
1. A method for use in validating association of client devices with authenticated clients, the method comprising: receiving an authentication request from a client device used by a client for authenticating the client for establishing a session with a server; authenticating the client, by an authentication device, wherein the client is authenticated by creating a first authentication token and providing the first authentication token to the client; receiving a second authentication token from the client device for accessing the server; gathering identification information of the client device, wherein the identification information identifies the client device; evaluating the identification information gathered from the client device, wherein evaluating the identification information includes performing risk analysis by an adaptive authentication logic; and based on the evaluation, validating that the identification information of the client device providing the second authentication token to the server corresponds to a client device that has been associated with the authenticated client and the second authentication token is same as the first authentication token that has previously been created for the authenticated client during authentication of the client.
2. The method of claim 1, further comprising: evaluating the token provided by a client device using statistical analysis based on the identification information of the client device.
3. The method of claim 1, further comprising: associating a client device with an authenticated client.
4. The method of claim 1, wherein the token includes a Security Assertion Markup Language token.
5. The method of claim 1, wherein a user agent executes on the client device, wherein the user agent includes a web browser.
6. The method of claim 1, wherein the server includes a service provider system.
7. The method of claim 1, wherein the authentication device includes an identity provider system.
8. The method of claim 1, wherein identification information associated with a client device includes a device fingerprint of the client device.
9. The method of claim 1, wherein the identification information gathered from a client device is evaluated by an adaptive authentication system.
10. The method of claim 1, further comprising: evaluating a risk score for determining whether a client device providing the token to the server is associated with a session of the authenticated client for which the token has been created; and based on the evaluation, validating that the client device is associated with the authenticated client.
11. A system for use in validating association of client devices with authenticated clients, the system comprising a client device and a server configured to: receive an authentication request from the client device used by a client for authenticating a client for establishing a session with the server; authenticate the client, by an authentication device, wherein the client is authenticated by creating a first authentication token and providing the first authentication token to the client; receive a second authentication token from the client device for accessing the server; gather identification information of the client device, wherein the identification information identifies the client device; evaluate the identification information gathered from the client device, wherein evaluation of the identification information includes performing risk analysis by an adaptive authentication logic; and validate, based on the evaluation, that the identification information of the client device providing the second authentication token to the server corresponds to a client device that has been associated with the authenticated client and the second authentication token is same as the first authentication token that has previously been created for the authenticated client during authentication of the client.
12. The system of claim 11, further comprising: evaluate the token provided by a client device using statistical analysis based on the identification information of the client device.
13. The system of claim 11, further comprising: associate a client device with an authenticated client.
14. The system of claim 11, wherein the token includes a Security Assertion Markup Language token.
15. The system of claim 11, wherein a user agent executes on the client device, wherein the user agent includes a web browser.
16. The system of claim 11, wherein the server includes a service provider system.
17. The system of claim 11, wherein the authentication device includes an identity provider system.
18. The system of claim 11, wherein identification information associated with a client device includes a device fingerprint of the client device.
19. The system of claim 11, wherein the identification information gathered from a client device is evaluated by an adaptive authentication system.
20. The system of claim 11, further comprising: evaluate a risk score for determining whether a client device providing the token to the server is associated with a session of the authenticated client for which the token has been created; and validate, based on the evaluation, that the client device is associated with the authenticated client.
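The flow of claims 1, 8 and 10, as an added Python sketch that is not part of the patent text: an identity provider issues a token and records the device fingerprint, and the service provider accepts a presented token only if it is the issued one and the presenting device scores below a risk threshold. The class and function names, the fingerprint attributes, the weights and the threshold are all assumptions; the claims do not say how the risk score is computed.

```python
import hashlib
import secrets

# Hypothetical weights: risk added when a fingerprint attribute differs.
WEIGHTS = {"user_agent": 20, "screen": 10, "timezone": 20, "ip_prefix": 50}
RISK_THRESHOLD = 50  # assumed cut-off; at or above this the device is rejected

# Constructed sample fingerprints (documentation IP ranges).
LAPTOP = {"user_agent": "Firefox/115 Linux", "screen": "1920x1080",
          "timezone": "UTC+1", "ip_prefix": "198.51.100.0/24"}
LAPTOP_DOCKED = dict(LAPTOP, screen="2560x1440")  # same device, new monitor
OTHER_HOST = {"user_agent": "Chrome/120 Windows", "screen": "1920x1080",
              "timezone": "UTC-5", "ip_prefix": "203.0.113.0/24"}

def _digest(token):
    # Store and look up a hash so the raw token is never kept server-side.
    return hashlib.sha256(token.encode()).hexdigest()

class IdentityProvider:
    def __init__(self):
        self.sessions = {}  # token digest -> (client, enrolled fingerprint)

    def authenticate(self, client, device):
        """Create the first token and associate the device with the client."""
        token = secrets.token_urlsafe(32)
        self.sessions[_digest(token)] = (client, dict(device))
        return token

def risk_score(enrolled, presented):
    """Sum the weights of every attribute that changed since authentication."""
    return sum(w for k, w in WEIGHTS.items()
               if enrolled.get(k) != presented.get(k))

def validate(idp, token, device):
    """Service-provider check: token must match an issued one AND the
    presenting device must correspond to the one associated with it."""
    record = idp.sessions.get(_digest(token))
    if record is None:
        return (False, None, "unknown token")
    client, enrolled = record
    score = risk_score(enrolled, device)
    if score >= RISK_THRESHOLD:
        return (False, score, "device not associated with client")
    return (True, score, client)
```

A token replayed from `OTHER_HOST` is a valid, previously issued token, yet it is refused because the fingerprint gathered at presentation time does not match the one recorded at authentication.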
June 29, 2012
August 26, 2014